Privacy Policy

Your privacy matters. This policy explains what we collect, why, how we use it (including selling/sharing disclosures where permitted by law), how we protect it, and the rights available to you worldwide.

Last updated: August 16, 2025

1. Introduction and Scope

Skivyy.com ("Skivyy", "we", "our", "us") is committed to transparent, lawful data practices. This Privacy Policy explains how we collect, use, disclose, sell/share, retain, protect, and transfer personal information when you visit skivyy.com, our apps, or use our services (the "Platform").

By using the Platform, you consent to the practices described here, subject to your rights under applicable laws. If you do not agree, please discontinue use.

2. Controller, Representatives, and Contacts

Controller: Skivyy Inc., Vancouver, British Columbia, Canada.

Privacy Officer/DPO: [email protected]

General Support: [email protected]

Mailing Address: 1337 E 61st Ave, Vancouver, BC, Canada

3. Information We Collect

Personal Information

We may collect personal information that you provide directly to us, including:

  • Name and contact information (email address, phone number)
  • Professional information (resume, work experience, skills)
  • Account credentials (username, password)
  • Payment information for premium services
  • Communication preferences and settings

Automatically Collected Information

We automatically collect certain information when you visit our site:

  • IP address and location data
  • Browser type and version
  • Operating system information
  • Page views and navigation patterns
  • Device information and screen resolution

Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage patterns, and deliver personalized content.

4. How We Use Your Information (Purposes and Legal Bases)

Provide and improve services (Contract/Legitimate Interests): operate the Platform, match candidates with roles, administer certifications, and deliver Pro features.

Integrity and security (Legitimate Interests/Legal Obligation): fraud prevention, access control, auditing, and incident response.

Marketing and personalization (Consent/Legitimate Interests): recommendations, emails, push, and onsite content. Opt-out anytime.

Payment processing (Contract/Legal Obligation): process transactions via PCI-DSS compliant processors; prevent fraud and resolve disputes.

Compliance (Legal Obligation): recordkeeping, sanctions/AML screening where applicable, regulatory reporting.

Research and product development (Legitimate Interests): analytics, A/B tests, new features, and quality assurance.

5. Selling/Sharing and Other Disclosures

Sale/Share (as defined by CCPA/CPRA): We may sell or share certain personal information to employers and select partners to facilitate recruiting, placements, and marketing. Categories may include identifiers, professional info, inferences, and usage data. You may opt out where required (Do Not Sell or Share My Personal Information).

Employers and recruiters: profiles, resumes, certifications, assessments, and contact information when you apply or opt in to visibility.

Service providers (processors): cloud hosting, analytics, support tools, proctoring vendors, and payment processors under contractual safeguards.

Advertising and analytics partners: pseudonymous identifiers and events for ads and measurement, subject to your preferences.

Legal and safety: disclosures to comply with law, protect rights, investigate fraud/abuse, or respond to lawful requests.

Business transfers: mergers, acquisitions, financings, or asset sales, subject to this Policy’s protections.

6. Security

Controls: encryption in transit/at rest, role-based access controls, least-privilege, network segmentation, and logging.

Governance: security training, vendor diligence, incident response plans, vulnerability management, and periodic audits.

Important: No system is perfectly secure; please use strong passwords and enable available protections.

7. Data Retention

Schedules: We retain personal data only as long as needed: account and profile (active use), certifications (validity period + audit window), billing records (7 years or as required), security logs (12–24 months), and proctoring media (as needed for integrity/audits, then deleted or anonymized).

Deletion: We delete or anonymize data when no longer needed, except where law requires retention or for legitimate interests (e.g., fraud prevention).

8. Your Rights (GDPR/UK GDPR, CCPA/CPRA, PIPEDA, DPDP)

GDPR/UK GDPR

Residents of the EEA/UK may have rights to access, rectify, erase, restrict, port, object, and not be subject to certain automated decisions. Legal bases include consent, contract, legal obligation, and legitimate interests.

CCPA/CPRA (California)

Residents of California have rights to know, delete, correct, opt-out of sale/share, limit use of sensitive information, and non-discrimination. Submit requests via [email protected]. We honor browser-based opt-out signals where required.

PIPEDA (Canada)

Canadian residents have rights to access and correct personal information and to challenge compliance. Contact our Privacy Officer to exercise these rights.

DPDP (India)

Data principals may access, correct, delete, and withdraw consent, and file grievances. We will appoint a grievance officer and comply with applicable DPDP requirements.

9. International Data Transfers

We may transfer personal information internationally. Where required, we use appropriate safeguards such as Standard Contractual Clauses (SCCs), UK IDTA/Addendum, and other approved mechanisms, and implement supplemental measures as needed.

9. Third-Party Services

Third-Party Links: Our site may contain links to third-party websites. We are not responsible for their privacy practices.

Integration Services: We may integrate with third-party services (e.g., Google Analytics, payment processors) that have their own privacy policies.

Social Media: Features like social media sharing buttons may collect information about your visit.

10. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. Automated Decision-Making and Profiling

We may use automated processing (e.g., ranking, matching, or fraud detection) to support Platform functions. Where required, we provide meaningful information about the logic involved and your rights to object or request human review.

13. Cookies and Preference Management

Manage cookies in your browser/OS settings. Some regions require consent for non-essential cookies; we honor applicable consent and opt-out signals where required.

14. Requests, Appeals, and Opt-Outs

Submit requests: [email protected] (include: name, region, request type). We may verify identity before acting.

Appeals: If your request is denied, you may appeal via the same email with "Appeal" in the subject.

Do Not Sell/Share: Email subject "Do Not Sell or Share"; we honor opt-outs per applicable laws.

15. Updates and Contact

We may update this Privacy Policy periodically. Material changes will be communicated via email or in-product notices. Continued use after changes indicates acceptance.

Privacy Officer: [email protected]

Support: [email protected]

Website: https://skivyy.com/contact

Address: 1337 E 61st Ave, Vancouver, BC, Canada